
WO2014155163A3 - System for efficient generation and distribution of puf based challenge-response pairs - Google Patents


Publication number
WO2014155163A3
Authority
WO
WIPO (PCT)
Prior art keywords
response
proxy
authentication
response function
service provider
Prior art date
Application number
PCT/IB2013/059564
Other languages
French (fr)
Other versions
WO2014155163A2 (en)
Inventor
David Wachtfogel
Andrew SINTON
Original Assignee
Nds Limited
Priority date
Filing date
Publication date
Application filed by Nds Limited
Priority to US14/773,388 (patent US9847984B2)
Publication of WO2014155163A2
Publication of WO2014155163A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24 Key scheduling, i.e. generating round keys or sub-keys for block encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Storage Device Security (AREA)
  • Small-Scale Networks (AREA)

Abstract

A method for implementing response function agnostic, challenge-response authentication on a CE device includes sharing a series of proxy responses to a series of authentication challenges with a service provider, receiving an associated actual response from an initialization phase response function for each of the authentication challenges, where at least one of the initialization phase response function and a parameter required for the initialization phase response function is withheld from the service provider, encrypting each of the proxy responses with its associated actual response, thereby generating a series of encrypted proxy responses, storing the encrypted proxy responses on the CE device, receiving one of the authentication challenges from the service provider, inputting the authentication challenge to an operation phase response generator on the CE device, where the operation phase response generator is configured with the same response function used by the initialization phase response generator, and decrypting the proxy response from the encrypted proxy responses and results of the inputting, thereby producing the proxy response to the authentication challenge without sharing the at least one of the response function and a parameter required for the response function with the service provider. Related apparatus and methods are also described.
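The two phases in the abstract, sketched as an added example that is not taken from the patent or from any NDS implementation. Assumptions: the response function is simulated by a noise-free HMAC over a per-device secret (a real PUF needs error correction), "encrypting with the actual response" is done by XOR with a SHA-256-derived pad, and the one-time use of each challenge is a choice of this sketch; all function names are hypothetical.

```python
import hashlib, hmac, secrets

def make_response_fn(device_secret: bytes):
    """Stand-in for the device's response function (assumed noise-free)."""
    return lambda challenge: hmac.new(device_secret, challenge, hashlib.sha256).digest()

def wrap(proxy: bytes, actual: bytes) -> bytes:
    """Encrypt a 32-byte proxy response under a pad derived from the actual response."""
    pad = hashlib.sha256(b"proxy-wrap" + actual).digest()
    return bytes(p ^ k for p, k in zip(proxy, pad))

unwrap = wrap  # XOR with the same pad decrypts

def initialize(response_fn, n=4):
    """Initialization phase: the provider learns only (challenge, proxy) pairs."""
    provider_table, device_store = {}, {}
    for _ in range(n):
        challenge = secrets.token_bytes(16)
        proxy = secrets.token_bytes(32)          # shared with the service provider
        provider_table[challenge] = proxy
        # The actual response never leaves the initialization environment.
        device_store[challenge] = wrap(proxy, response_fn(challenge))
    return provider_table, device_store

def device_answer(response_fn, device_store, challenge):
    """Operation phase on the CE device: regenerate the response, decrypt the proxy."""
    return unwrap(device_store[challenge], response_fn(challenge))

def provider_verify(provider_table, challenge, answer):
    """Provider side: constant-time compare; each challenge is consumed once."""
    expected = provider_table.pop(challenge, None)
    return expected is not None and hmac.compare_digest(expected, answer)

def demo():
    genuine = make_response_fn(secrets.token_bytes(32))
    clone = make_response_fn(secrets.token_bytes(32))   # copied storage, different silicon
    table, store = initialize(genuine)
    c1, c2 = list(table)[:2]
    ok = provider_verify(table, c1, device_answer(genuine, store, c1))
    cloned = provider_verify(table, c2, device_answer(clone, dict(store), c2))
    replay = provider_verify(table, c1, device_answer(genuine, store, c1))
    return ok, cloned, replay
```

The XOR wrapping gives no integrity protection for the stored table; a deployment would use an authenticated cipher keyed from the response.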
PCT/IB2013/059564 2013-03-24 2013-10-23 System for efficient generation and distribution of challenge-response pairs WO2014155163A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/773,388 US9847984B2 (en) 2013-03-24 2013-10-23 System for efficient generation and distribution of challenge-response pairs

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL22547913 2013-03-24
IL225479 2013-03-24

Publications (2)

Publication Number Publication Date
WO2014155163A2 (en) 2014-10-02
WO2014155163A3 (en) 2014-12-11

Family

ID=50029160

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2013/059564 WO2014155163A2 (en) 2013-03-24 2013-10-23 System for efficient generation and distribution of challenge-response pairs

Country Status (2)

Country Link
US (1) US9847984B2 (en)
WO (1) WO2014155163A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007063473A1 (en) * 2005-11-29 2007-06-07 Koninklijke Philips Electronics N.V. Physical secret sharing and proofs of vicinity using pufs
EP2326043A1 (en) * 2009-11-18 2011-05-25 Irdeto Access B.V. Preventing cloning of receivers of encrypted messages
EP2456121A2 (en) * 2010-11-19 2012-05-23 Nxp B.V. Challenge response based enrollment of physical unclonable functions

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7564345B2 (en) 2004-11-12 2009-07-21 Verayo, Inc. Volatile device keys and applications thereof
IL172207A0 (en) 2005-11-27 2006-04-10 Nds Ltd Disk protection system
US20110002461A1 (en) 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
US20100177898A1 (en) 2007-06-14 2010-07-15 Intrinsic Id Bv Device and method for providing authentication
ATE544123T1 (en) 2007-09-19 2012-02-15 Verayo Inc AUTHENTICATION WITH PHYSICALLY UNCLONEABLE FUNCTIONS
EP2491510B1 (en) * 2009-10-21 2016-08-24 Intrinsic ID B.V. Distribution system and method for distributing digital information
US8485206B1 (en) 2011-03-01 2013-07-16 Janice Elaine Rose Collapsible buoyant sun shade

Also Published As

Publication number Publication date
WO2014155163A2 (en) 2014-10-02
US9847984B2 (en) 2017-12-19
US20160028709A1 (en) 2016-01-28

Similar Documents

Publication Publication Date Title
WO2015073422A3 (en) System and method for updating an encryption key across a network
WO2018098081A3 (en) Apparatus and method for sharing credentials in an internet of things (iot) system
BR112019008371A2 (en) method, apparatus and data transmission system
WO2016190990A3 (en) Method, apparatus, and system for cloud-based encryption machine key injection
PH12018502024A1 (en) Methods and devices for determining precoder parameters in a wireless communication network
MX2016014461A (en) Provisioning drm credentials on a client device using an update server.
RU2018103181A (en) CONFIDENTIAL AUTHENTICATION AND SECURITY
PE20170656A1 (en) AUTHENTICATION OF THE SERVICE NETWORK
GB2534801A (en) A set of servers for "Machine-to-Machine" communications using public key infrastructure
WO2014116528A3 (en) Providing an encrypted account credential from a first device to a second device
WO2014027263A3 (en) Attribute-based encryption
WO2016114830A3 (en) Methods and systems for authentication interoperability
MX2015014636A (en) File security method and apparatus for same.
MX2017000430A (en) Networked access control system.
GB201221433D0 (en) A method and system of providing authentication of user access to a computer resource on a mobile device
WO2015023341A3 (en) Secure authorization systems and methods
WO2016057086A3 (en) Common modulus rsa key pairs for signature generation and encryption/decryption
NZ613485A (en) Method for authenticating first communication equipment by means of second communication equipment
WO2016118206A3 (en) Neural networks for encrypted data
MX361983B (en) Electronic credental management system.
JP2015524945A5 (en)
WO2012154976A3 (en) System and method for web-based security authentication
WO2014059136A3 (en) Techniqued for secure data exchange
WO2015139630A3 (en) Fast authentication for inter-domain handovers
IN2014KN02750A (en)

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 14773388

Country of ref document: US

122 Ep: pct application non-entry in european phase

Ref document number: 13824651

Country of ref document: EP

Kind code of ref document: A2